Tuesday, March 17, 2009
Mirror Silver Contact Lens
Initially developed as a simple worm able to exploit a weakness in Windows systems (detected and fixed in October 2008), the malware has subsequently evolved, implementing auto-update mechanisms, increasingly sophisticated abilities to defend itself against removal, and mechanisms that can also attack USB keys and network shares.
Conficker is now preparing to be updated: from 1 April, in fact, the malware will download a new version of itself, identified as Conficker.C. To retrieve the new malicious bytes, the program will contact a number of domains generated by an algorithm. With this multiple-choice technique, the cracker (or, more likely, the development team) behind the malware prevents the infection from being curbed by blocking a single domain.
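As an added illustration (not code from the original article and not the worm's own algorithm, which the page does not describe), the sketch below shows why a date-seeded domain list is not stopped by blocking one domain, and how a defender who knows the algorithm can precompute the day's candidates and match them against DNS logs. The toy generator, the reserved TLDs, the log format and every name here are assumptions constructed for the example.

```python
from __future__ import annotations
import hashlib
from datetime import date

# Assumption: a toy date-seeded generator standing in for the real algorithm.
TLDS = ("example", "test", "invalid")  # reserved TLDs, never resolvable

def candidate_domains(day: date, count: int = 250) -> set[str]:
    """Domains an infected host would try on `day` under the toy algorithm."""
    domains = set()
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        # Map the first 10 digest bytes to lowercase letters for the label.
        label = "".join(chr(ord("a") + b % 26) for b in digest[:10])
        domains.add(f"{label}.{TLDS[digest[10] % len(TLDS)]}")
    return domains

def infected_clients(dns_log_lines, day: date, min_hits: int = 2) -> dict[str, int]:
    """Return {client_ip: hits} for clients that queried >= min_hits candidates."""
    wanted = candidate_domains(day)
    hits: dict[str, int] = {}
    for line in dns_log_lines:
        parts = line.split()
        if len(parts) != 3:  # skip malformed lines
            continue
        log_day, client, qname = parts
        if log_day == day.isoformat() and qname.lower().rstrip(".") in wanted:
            hits[client] = hits.get(client, 0) + 1
    return {c: n for c, n in hits.items() if n >= min_hits}

def build_sample_log(day: date) -> list[str]:
    """Constructed DNS log: one host walking the list, one ordinary host."""
    gen = sorted(candidate_domains(day))[:3]
    d = day.isoformat()
    return ([f"{d} 10.0.0.23 {name}" for name in gen]
            + [f"{d} 10.0.0.40 www.example.org",
               f"{d} 10.0.0.40 {gen[0].upper()}.",  # single stray lookup
               "garbage line"])

if __name__ == "__main__":
    day = date(2009, 4, 1)
    print(infected_clients(build_sample_log(day), day))
```

Removing any one name from the day's set still leaves hundreds of rendezvous points, which is why the response has to cover the whole generated list rather than a single domain.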
Variant "C" will be characterized by a partial change of course: whereas older versions stood out for the particular aggressiveness of their replication mechanisms, the next release will aim instead to consolidate its position, and the worm will be even more difficult to remove. CA in fact speaks of features that stop antivirus software, inhibit access to the Security Center and Windows Update, prevent the execution of many cleaning tools, disable restarting in safe mode, and delete all restore points generated by the operating system.
In fact, the best approach (if not the only one) for attempting removal will be to use secondary boot media, such as a CD that can boot the machine (like the MegaLab.it Utility CD) or a secondary hard drive. These operations are anything but simple, especially for those facing an outbreak in a business scenario with a few hundred computers.
To date, the intentions of the authors of Conficker are still unknown: despite its wide spread, the code takes no hostile actions other than trying to replicate onto as many computers as possible and equipping itself to resist removal attempts. The malware remains constantly waiting for instructions from its creator: in all likelihood, the puppeteer behind Conficker is still considering how best to exploit the millions of compromised computers, which could be used as a bridgehead for carrying out Distributed Denial of Service (DDoS) attacks on commission, or turned into unwitting spam-sending stations.
(Source: Megalab.it)
This damned worm does not seem to give up; next month we run for cover: update your antivirus and especially Windows Update, and keep several anti-malware tools (Spybot, Spyware Terminator, Spyware Doctor, just to name a few!)